Collecting logs from Linux machines

In modern times, logs are everything. In this text you can find bits of information about your machines' performance and problematic behavior. As Linux is de facto standard in servers all around the world, we need to subdue their information in order to monitor availability and performance. EventLog Collector on the other side are servers used for gathering and centralizing logs from your machines (not necessarily servers, you can also collect logs from Desktops, POS, etc.) and have built-in alarm functionality.

Installing syslog server and forwarder

We will cover Centos and Debian/Ubuntu, however you can also install rsyslog on other Linux Distributions and configure them accordingly.


yum install rsyslog -y


apt install rsyslog -y

After the installation add the following line to /etc/rsyslog.conf file at the end:

*.* @

where *.* is log all messages, @ is UDP protocol, is ip address of EventLog Collector and 33514 is port on which application is listening.

For both Centos and Debian/Ubuntu:

systemctl enable rsyslog

systemctl restart rsyslog


After finishing above mentioned steps, syslog messages should start flowing to your EventLog Collector. As easy as pie!



5 reasons for using EventLog Analyzer